Because of sharing the same codebase, JRockit is affected by thevulnerabilities mentioned in GLSA 200804-20.

Impact=3D=3D=3D=3D=3D=3D

A remote attacker could entice a user to run a specially crafted appleton a website or start an application in Java Web Start to executearbitrary code outside of the Java sandbox and of the Java securityrestrictions with the privileges of the user running Java. The attackercould also obtain sensitive information, create, modify, rename andread local files, execute local applications, establish connections inthe local network, bypass the same origin policy, and cause a Denial ofService via multiple vectors.

This GLSA and any updates to it are available for viewing atthe Gentoo Security Website:

http://security.gentoo.org/glsa/glsa-200804-28.xml

Concerns?=3D=3D=3D=3D=3D=3D=3D=3D=3D

Security is a primary focus of Gentoo Linux and ensuring theconfidentiality and security of our users machines is of utmostimportance to us. Any security concerns should be addressed tosecurity@gentoo.org or alternatively, you may file a bug athttp://bugs.gentoo.org.